„Safe Harbor“ – What you need to know now!

The European Court of Justice (ECJ) considers that "safe harbor" is not sufficient. The ECJ in Brussels adopted a directive on data protection and declared the Safe Harbor decision to be invalid on 6 October 2015. "Safe Harbor" is actually suspended. This creates a legal vacuum. Since 1 August 2016 the regulation "EU-US Privacy Shield" is used.

What is „Safe Harbor“?

Since 2000, "Safe Harbor" has been regulating order data processing between companies in Europe and the United States. Each of the data to be passed on to third parties, such as the public cloud, must be able to ensure that the processing service providers ensure an adequate protection of the data entrusted to them. Data-processing US companies were able to adhere to the principles of 'Safe Harbor' and pretend to be able to process data at an appropriate level of protection.

Why is "safe harbor" unsuitable to protect data?

The decision of the ECJ now reveals why Safe Harbor can not be regarded as a suitable means of protecting the data of European customers: on the one hand, the EU Commission had neither the right to restrict the powers of national data protection authorities nor did it succeed according to the Court of Justice in securing the so-called essentials of European fundamental right to respect for privacy. Safe Harbor is therefore no longer a legal basis.

Legal vacuum

The ruling of the ECJ has not made the situation easier for many companies from the EU, in particular Germans, who entered into Safe Harbor contracts with US data processing service providers from the USA. EU-European and German companies, which are processed by US vendors on the basis of Safe Harbor data, have to act quickly, but should not be too hasty.

You can prevent it in the long term!

With ProfitBricks you rely on a German cloud provider.

Our head quarter and our data centers are located in Germany. We therefore fully comply with the scope of the Federal Data Protection Act.